Fortinet 60B manual Configuring Transparent mode, To modify the default gateway

Page 23

 

 

 

Configuring

Configuring Transparent mode

For an initial configuration, you must edit the factory configured static default route to specify a different default gateway for the FortiGate unit. This will enable the flow of data through the FortiGate unit.

For details on adding additional static routes, see the FortiGate Administration Guide.

To modify the default gateway

config router static edit <seq_num>

set gateway <gateway_IP> set device <interface>

end

Adding firewall policies

Firewall policies enable traffic to flow through the FortiGate interfaces. Firewall policies to define the FortiGate unit process the packets in a communication session. You can configure the firewall policies to allow only specific traffic, users and specific times when traffic is allowed.

For the initial installation, a single firewall policy that enables all traffic through will enable you to verify your configuration is working. On lower-end units such a default firewall policy is already in place. For the higher end FortiGate units, you will need to add a firewall policy.

The following steps add two policies that allows all traffic through the FortiGate unit, to enable you to continue testing the configuration on the network.

To add an outgoing traffic firewall policy

config firewall profile

edit <seq_num>

set srcintf <source_interface> set srcaddr <source_IP>

set dstintf <destination_interface> set dstaddr <destination_IP>

set schedule always set service ANY set action accept

end

To create an incoming traffic firewall policy, use the same commands with the addresses reversed.

Note that these policies allow all traffic through. No protection profiles have been applied. Ensure you create additional firewall policies to accommodate your network requirements.

Configuring Transparent mode

Configuring Transparent mode involves switching to Transparent mode, configuring the management IP address, default routes, and simple firewall policies. You can use the web-based manager or the CLI to configure the FortiGate unit in Transparent mode.

FortiGate-60B FortiOS 3.0 MR6 Install Guide

 

01-30006-0446-20080910

23

Page 22 Page 24
Image 23
Page 22 Page 24
Contents Install G U I D E Regulatory compliance TrademarksContents Protection profiles Advanced configurationConfiguring the modem interface Configuring Transparent modeIndex FortiGate FirmwarePage Register your FortiGate unit IntroductionDocument conventions About the FortiGate-60BAbout this document Typographic conventions Further ReadingComments on Fortinet technical documentation Customer service and technical supportFortinet Knowledge Center Environmental specifications InstallingRack mount instructions GroundingMounting Connecting to the networkPlugging in the FortiGate Turning off the FortiGate unitTurning off the FortiGate unit NAT mode NAT vs. Transparent modeTo connect to the web-based manager Connecting to the FortiGate unitTransparent mode Connecting to the web-based managerTo connect to the CLI Connecting to the CLITo configure interfaces Go to System Network Interface Configuring NAT modeUsing the web-based manager Configure the interfacesAdding a default route and gateway Configure a DNS serverAdding firewall policies To modify the default gateway Go to Router StaticTo set an interface to use Dhcp addressing Using the CLITo set an interface to use a static address To set an interface to use PPPoE addressing To configure DNS server settingsTo add an outgoing traffic firewall policy Configuring Transparent modeTo modify the default gateway To switch to Transparent mode Go to System Status Switching to Transparent modeTo switch to Transparent mode To configure DNS server settings Backing up the configuration Verify the configurationSet the time and date Restoring a configurationAdditional configuration Set the Administrator passwordUpdating antivirus and IPS signatures Configure FortiGuardAdditional configuration Protection profiles Advanced configurationFirewall policies Firewall policiesAntivirus options Configuring firewall policiesAntiSpam options Web filtering Logging Redundant mode Selecting a modem modeStand alone mode Configuring modem settingsDial on demand To configure modem settings Go to System Network ModemSyntax Configuring the modem using the CLIKeywords and variables Description Default Mode redudant Phone-number ExampleDead gateway detection Adding a Ping ServerAdding firewall policies for modem connections Administrative access through the modem portConfiguring the Pcmcia modem card To configure the modem Go to System Network ModemAt+cpin=5555 Downloading firmware FortiGate FirmwareReverting to a previous version Using the web-based managerUpgrading the firmware To revert to a previous firmware version Backup and Restore from a USB keyUsing the USB Auto-Install To upgrade the firmware using the CLI Using the CLITo revert to a previous firmware version using the CLI Execute restore image namestr tftpip4Execute restore image namestr tftpipv4 Installing firmware from a system reboot using the CLIPress any key to display configuration menu To install firmware from a system rebootTo backup configuration using the CLI Restoring the previous configurationTo configure the USB Auto-Install using the CLI Additional CLI Commands for a USB keyTo restore configuration using the CLI To test the new firmware image Testing new firmware before installingTesting new firmware before installing Testing new firmware before installing Index System modem 43 system reboot, installing Page Page Page Page

60B specifications

The Fortinet FortiGate 60B is a compact, high-performance network security appliance designed for small to medium-sized businesses. As part of Fortinet's FortiGate series, the 60B integrates advanced security features and technologies, making it an ideal solution for organizations seeking to protect their networks from growing cyber threats.

One of the main features of the FortiGate 60B is its robust firewall capability. The device provides next-generation firewall (NGFW) functionalities, allowing businesses to monitor and control traffic at multiple layers. This includes application control, intrusion prevention, and web filtering, ensuring that only legitimate traffic is allowed access to critical resources. With a strong emphasis on threat detection, the 60B employs FortiGuard Labs' threat intelligence services to stay updated on the latest malware and attack vectors.

Another significant characteristic of the FortiGate 60B is its integrated virtual private network (VPN) capabilities. The device supports both site-to-site and remote access VPNs, enabling secure connections for remote employees and branch offices. This feature is essential for organizations that require secure communication over public networks, ensuring that sensitive data remains protected.

Performance is also a focal point of the FortiGate 60B. The appliance is equipped with dedicated hardware acceleration that optimizes throughput and minimizes latency. With impressive SSL inspection capabilities, it can handle encrypted traffic efficiently, making it well-suited for an increasingly secure internet landscape.

The FortiGate 60B also boasts extensive reporting and analytics features, enabling IT teams to gain valuable insights into network activity. This includes detailed logs and dashboards that help organizations identify potential security risks and respond to incidents in real time. In addition, the appliance is built with scalability in mind, allowing businesses to expand their security posture as they grow.

Furthermore, the FortiGate 60B is designed for ease of management. The unit can be configured and monitored through Fortinet's centralized management system, FortiManager, simplifying the administration of multiple devices across various locations.

In summary, the Fortinet FortiGate 60B is a powerful, versatile network security solution that combines advanced firewall capabilities, VPN support, and integrated threat intelligence. With its strong performance metrics and user-friendly management tools, it is an excellent choice for organizations aiming to bolster their cybersecurity defenses while maintaining operational efficiency.
Top Page Image Contents